generalized tls_eap_t to support EAP_TNC wrapping the TNC_IF_TNCCS protocol
This commit is contained in:
parent
7b3c01845f
commit
d2b1d4378e
|
@ -123,6 +123,7 @@ static eap_tls_t *eap_tls_create(identification_t *server,
|
|||
{
|
||||
private_eap_tls_t *this;
|
||||
size_t frag_size;
|
||||
tls_t *tls;
|
||||
|
||||
INIT(this,
|
||||
.public = {
|
||||
|
@ -139,8 +140,13 @@ static eap_tls_t *eap_tls_create(identification_t *server,
|
|||
|
||||
frag_size = lib->settings->get_int(lib->settings,
|
||||
"charon.plugins.eap-tls.fragment_size", MAX_FRAGMENT_LEN);
|
||||
this->tls_eap = tls_eap_create(EAP_TLS, is_server, server, peer,
|
||||
NULL, frag_size);
|
||||
tls = tls_create(is_server, server, peer, TLS_PURPOSE_EAP_TLS, NULL);
|
||||
if (!tls)
|
||||
{
|
||||
free(this);
|
||||
return NULL;
|
||||
}
|
||||
this->tls_eap = tls_eap_create(EAP_TLS, tls, frag_size);
|
||||
if (!this->tls_eap)
|
||||
{
|
||||
free(this);
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
|
||||
INCLUDES = -I$(top_srcdir)/src/libstrongswan -I$(top_srcdir)/src/libhydra \
|
||||
-I$(top_srcdir)/src/libcharon
|
||||
-I$(top_srcdir)/src/libcharon -I$(top_srcdir)/src/libtls
|
||||
|
||||
AM_CFLAGS = -rdynamic
|
||||
|
||||
|
@ -8,9 +8,11 @@ if MONOLITHIC
|
|||
noinst_LTLIBRARIES = libstrongswan-eap-tnc.la
|
||||
else
|
||||
plugin_LTLIBRARIES = libstrongswan-eap-tnc.la
|
||||
libstrongswan_eap_tnc_la_LIBADD = $(top_builddir)/src/libtls/libtls.la
|
||||
endif
|
||||
|
||||
libstrongswan_eap_tnc_la_SOURCES = \
|
||||
eap_tnc_plugin.h eap_tnc_plugin.c eap_tnc.h eap_tnc.c
|
||||
eap_tnc_plugin.h eap_tnc_plugin.c eap_tnc.h eap_tnc.c \
|
||||
tnc_if_tnccs.h tnc_if_tnccs.c
|
||||
|
||||
libstrongswan_eap_tnc_la_LDFLAGS = -module -avoid-version
|
||||
|
|
|
@ -14,6 +14,9 @@
|
|||
*/
|
||||
|
||||
#include "eap_tnc.h"
|
||||
#include "tnc_if_tnccs.h"
|
||||
|
||||
#include <tls_eap.h>
|
||||
|
||||
#include <daemon.h>
|
||||
#include <library.h>
|
||||
|
@ -31,84 +34,56 @@ struct private_eap_tnc_t {
|
|||
eap_tnc_t public;
|
||||
|
||||
/**
|
||||
* ID of the server
|
||||
* Number of EAP-TNC messages processed so far
|
||||
*/
|
||||
identification_t *server;
|
||||
int processed;
|
||||
|
||||
/**
|
||||
* ID of the peer
|
||||
* TLS stack, wrapped by EAP helper
|
||||
*/
|
||||
identification_t *peer;
|
||||
tls_eap_t *tls_eap;
|
||||
};
|
||||
|
||||
/**
|
||||
* Flags of an EAP-TNC message
|
||||
*/
|
||||
typedef enum {
|
||||
EAP_TNC_LENGTH = (1<<7),
|
||||
EAP_TNC_MORE_FRAGS = (1<<6),
|
||||
EAP_TNC_START = (1<<5),
|
||||
EAP_TNC_DH = (1<<4),
|
||||
EAP_TNC_VERSION = 0x07
|
||||
} eap_tnc_flags_t;
|
||||
|
||||
/**
|
||||
* EAP-TNC packet format
|
||||
*/
|
||||
typedef struct __attribute__((packed)) {
|
||||
u_int8_t code;
|
||||
u_int8_t identifier;
|
||||
u_int16_t length;
|
||||
u_int8_t type;
|
||||
u_int8_t flags;
|
||||
} eap_tnc_packet_t;
|
||||
/** Maximum number of EAP-TNC messages/fragments allowed */
|
||||
#define MAX_MESSAGE_COUNT 2
|
||||
/** Default size of a EAP-TNC fragment */
|
||||
#define MAX_FRAGMENT_LEN 50000
|
||||
|
||||
METHOD(eap_method_t, initiate_peer, status_t,
|
||||
METHOD(eap_method_t, initiate, status_t,
|
||||
private_eap_tnc_t *this, eap_payload_t **out)
|
||||
{
|
||||
/* peer never initiates */
|
||||
chunk_t data;
|
||||
|
||||
if (this->tls_eap->initiate(this->tls_eap, &data) == NEED_MORE)
|
||||
{
|
||||
*out = eap_payload_create_data(data);
|
||||
free(data.ptr);
|
||||
return NEED_MORE;
|
||||
}
|
||||
return FAILED;
|
||||
}
|
||||
|
||||
METHOD(eap_method_t, initiate_server, status_t,
|
||||
private_eap_tnc_t *this, eap_payload_t **out)
|
||||
{
|
||||
return NEED_MORE;
|
||||
}
|
||||
|
||||
METHOD(eap_method_t, process_peer, status_t,
|
||||
METHOD(eap_method_t, process, status_t,
|
||||
private_eap_tnc_t *this, eap_payload_t *in, eap_payload_t **out)
|
||||
{
|
||||
eap_tnc_packet_t *pkt;
|
||||
status_t status;
|
||||
chunk_t data;
|
||||
|
||||
data = in->get_data(in);
|
||||
|
||||
pkt = (eap_tnc_packet_t*)data.ptr;
|
||||
if (data.len < sizeof(eap_tnc_packet_t) ||
|
||||
untoh16(&pkt->length) != data.len)
|
||||
if (++this->processed > MAX_MESSAGE_COUNT)
|
||||
{
|
||||
DBG1(DBG_IKE, "invalid EAP-TNC packet length");
|
||||
DBG1(DBG_IKE, "EAP-TNC packet count exceeded (%d > %d)",
|
||||
this->processed, MAX_MESSAGE_COUNT);
|
||||
return FAILED;
|
||||
}
|
||||
if (pkt->flags & EAP_TNC_START)
|
||||
{
|
||||
DBG1(DBG_IKE, "EAP-TNC version is v%u", pkt->flags & EAP_TNC_VERSION);
|
||||
}
|
||||
*out = eap_payload_create_nak(in->get_identifier(in));
|
||||
|
||||
return NEED_MORE;
|
||||
}
|
||||
|
||||
METHOD(eap_method_t, process_server, status_t,
|
||||
private_eap_tnc_t *this, eap_payload_t *in, eap_payload_t **out)
|
||||
{
|
||||
chunk_t data;
|
||||
|
||||
data = in->get_data(in);
|
||||
DBG2(DBG_IKE, "received EAP-TNC data: %B", &data);
|
||||
|
||||
return SUCCESS;
|
||||
status = this->tls_eap->process(this->tls_eap, data, &data);
|
||||
if (status == NEED_MORE)
|
||||
{
|
||||
*out = eap_payload_create_data(data);
|
||||
free(data.ptr);
|
||||
}
|
||||
return status;
|
||||
}
|
||||
|
||||
METHOD(eap_method_t, get_type, eap_type_t,
|
||||
|
@ -121,6 +96,11 @@ METHOD(eap_method_t, get_type, eap_type_t,
|
|||
METHOD(eap_method_t, get_msk, status_t,
|
||||
private_eap_tnc_t *this, chunk_t *msk)
|
||||
{
|
||||
*msk = this->tls_eap->get_msk(this->tls_eap);
|
||||
if (msk->len)
|
||||
{
|
||||
return SUCCESS;
|
||||
}
|
||||
return FAILED;
|
||||
}
|
||||
|
||||
|
@ -133,58 +113,58 @@ METHOD(eap_method_t, is_mutual, bool,
|
|||
METHOD(eap_method_t, destroy, void,
|
||||
private_eap_tnc_t *this)
|
||||
{
|
||||
this->peer->destroy(this->peer);
|
||||
this->server->destroy(this->server);
|
||||
this->tls_eap->destroy(this->tls_eap);
|
||||
free(this);
|
||||
}
|
||||
|
||||
/*
|
||||
* See header
|
||||
/**
|
||||
* Generic private constructor
|
||||
*/
|
||||
eap_tnc_t *eap_tnc_create_server(identification_t *server, identification_t *peer)
|
||||
static eap_tnc_t *eap_tnc_create(identification_t *server,
|
||||
identification_t *peer, bool is_server)
|
||||
{
|
||||
private_eap_tnc_t *this;
|
||||
size_t frag_size;
|
||||
tls_t *tnc_if_tnccs;
|
||||
|
||||
INIT(this,
|
||||
.public = {
|
||||
.eap_method = {
|
||||
.initiate = _initiate_server,
|
||||
.process = _process_server,
|
||||
.initiate = _initiate,
|
||||
.process = _process,
|
||||
.get_type = _get_type,
|
||||
.is_mutual = _is_mutual,
|
||||
.get_msk = _get_msk,
|
||||
.destroy = _destroy,
|
||||
},
|
||||
},
|
||||
.peer = peer->clone(peer),
|
||||
.server = server->clone(server),
|
||||
);
|
||||
|
||||
frag_size = lib->settings->get_int(lib->settings,
|
||||
"charon.plugins.eap-tnc.fragment_size", MAX_FRAGMENT_LEN);
|
||||
tnc_if_tnccs = tnc_if_tnccs_create(is_server, TLS_PURPOSE_EAP_TNC);
|
||||
if (!tnc_if_tnccs)
|
||||
{
|
||||
free(this);
|
||||
return NULL;
|
||||
}
|
||||
this->tls_eap = tls_eap_create(EAP_TNC, tnc_if_tnccs, frag_size);
|
||||
if (!this->tls_eap)
|
||||
{
|
||||
free(this);
|
||||
return NULL;
|
||||
}
|
||||
return &this->public;
|
||||
}
|
||||
|
||||
/*
|
||||
* See header
|
||||
*/
|
||||
eap_tnc_t *eap_tnc_create_peer(identification_t *server, identification_t *peer)
|
||||
eap_tnc_t *eap_tnc_create_server(identification_t *server,
|
||||
identification_t *peer)
|
||||
{
|
||||
private_eap_tnc_t *this;
|
||||
|
||||
INIT(this,
|
||||
.public = {
|
||||
.eap_method = {
|
||||
.initiate = _initiate_peer,
|
||||
.process = _process_peer,
|
||||
.get_type = _get_type,
|
||||
.is_mutual = _is_mutual,
|
||||
.get_msk = _get_msk,
|
||||
.destroy = _destroy,
|
||||
},
|
||||
},
|
||||
.peer = peer->clone(peer),
|
||||
.server = server->clone(server),
|
||||
);
|
||||
|
||||
return &this->public;
|
||||
return eap_tnc_create(server, peer, TRUE);
|
||||
}
|
||||
|
||||
eap_tnc_t *eap_tnc_create_peer(identification_t *server,
|
||||
identification_t *peer)
|
||||
{
|
||||
return eap_tnc_create(server, peer, FALSE);
|
||||
}
|
||||
|
|
|
@ -0,0 +1,125 @@
|
|||
/*
|
||||
* Copyright (C) 2010 Andreas Steffen
|
||||
* Copyright (C) 2010 HSR Hochschule fuer Technik Rapperswil
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify it
|
||||
* under the terms of the GNU General Public License as published by the
|
||||
* Free Software Foundation; either version 2 of the License, or (at your
|
||||
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful, but
|
||||
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
|
||||
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
|
||||
* for more details.
|
||||
*/
|
||||
|
||||
#include "tnc_if_tnccs.h"
|
||||
|
||||
#include <debug.h>
|
||||
|
||||
typedef struct private_tnc_if_tnccs_t private_tnc_if_tnccs_t;
|
||||
|
||||
/**
|
||||
* Private data of a tnc_if_tnccs_t object.
|
||||
*/
|
||||
struct private_tnc_if_tnccs_t {
|
||||
|
||||
/**
|
||||
* Public tls_t interface.
|
||||
*/
|
||||
tls_t public;
|
||||
|
||||
/**
|
||||
* Role this TNC IF-TNCCS stack acts as.
|
||||
*/
|
||||
bool is_server;
|
||||
|
||||
/**
|
||||
* TLS stack purpose, as given to constructor
|
||||
*/
|
||||
tls_purpose_t purpose;
|
||||
};
|
||||
|
||||
METHOD(tls_t, process, status_t,
|
||||
private_tnc_if_tnccs_t *this, void *buf, size_t buflen)
|
||||
{
|
||||
/* TODO */
|
||||
return NEED_MORE;
|
||||
}
|
||||
|
||||
METHOD(tls_t, build, status_t,
|
||||
private_tnc_if_tnccs_t *this, void *buf, size_t *buflen, size_t *msglen)
|
||||
{
|
||||
char output[] = "Hello World";
|
||||
size_t len = strlen(output);
|
||||
|
||||
/* TODO */
|
||||
*buflen = len;
|
||||
*msglen = len;
|
||||
memcpy(buf, output, len);
|
||||
|
||||
return ALREADY_DONE;
|
||||
}
|
||||
|
||||
METHOD(tls_t, is_server, bool,
|
||||
private_tnc_if_tnccs_t *this)
|
||||
{
|
||||
return this->is_server;
|
||||
}
|
||||
|
||||
METHOD(tls_t, get_purpose, tls_purpose_t,
|
||||
private_tnc_if_tnccs_t *this)
|
||||
{
|
||||
return this->purpose;
|
||||
}
|
||||
|
||||
METHOD(tls_t, is_complete, bool,
|
||||
private_tnc_if_tnccs_t *this)
|
||||
{
|
||||
/* TODO */
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
METHOD(tls_t, get_eap_msk, chunk_t,
|
||||
private_tnc_if_tnccs_t *this)
|
||||
{
|
||||
return chunk_empty;
|
||||
}
|
||||
|
||||
METHOD(tls_t, destroy, void,
|
||||
private_tnc_if_tnccs_t *this)
|
||||
{
|
||||
free(this);
|
||||
}
|
||||
|
||||
/**
|
||||
* See header
|
||||
*/
|
||||
tls_t *tnc_if_tnccs_create(bool is_server, tls_purpose_t purpose)
|
||||
{
|
||||
private_tnc_if_tnccs_t *this;
|
||||
|
||||
switch (purpose)
|
||||
{
|
||||
case TLS_PURPOSE_EAP_TNC:
|
||||
break;
|
||||
default:
|
||||
return NULL;
|
||||
}
|
||||
|
||||
INIT(this,
|
||||
.public = {
|
||||
.process = _process,
|
||||
.build = _build,
|
||||
.is_server = _is_server,
|
||||
.get_purpose = _get_purpose,
|
||||
.is_complete = _is_complete,
|
||||
.get_eap_msk = _get_eap_msk,
|
||||
.destroy = _destroy,
|
||||
},
|
||||
.is_server = is_server,
|
||||
.purpose = purpose,
|
||||
);
|
||||
|
||||
return &this->public;
|
||||
}
|
|
@ -0,0 +1,37 @@
|
|||
/*
|
||||
* Copyright (C) 2010 Andreas Steffen
|
||||
* Hochschule fuer Technik Rapperswil
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify it
|
||||
* under the terms of the GNU General Public License as published by the
|
||||
* Free Software Foundation; either version 2 of the License, or (at your
|
||||
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful, but
|
||||
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
|
||||
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
|
||||
* for more details.
|
||||
*/
|
||||
|
||||
/**
|
||||
* @defgroup tnc_if_tnccs tnc_if_tnccs
|
||||
* @{ @ingroup tnc_if_tnccs
|
||||
*/
|
||||
|
||||
#ifndef TNC_IF_TNCCS_H_
|
||||
#define TNC_IF_TNCCS_H_
|
||||
|
||||
#include <library.h>
|
||||
|
||||
#include <tls.h>
|
||||
|
||||
/**
|
||||
* Create an instance of the TNC IF-TNCCS 1.1 protocol handler.
|
||||
*
|
||||
* @param is_server TRUE to act as server, FALSE for client
|
||||
* @param purpose purpose this TLS stack instance is used for
|
||||
* @return TNC_IF_TNCCS stack
|
||||
*/
|
||||
tls_t *tnc_if_tnccs_create(bool is_server, tls_purpose_t purpose);
|
||||
|
||||
#endif /** TNC_IF_TNCCS_H_ @}*/
|
|
@ -126,6 +126,7 @@ static eap_ttls_t *eap_ttls_create(identification_t *server,
|
|||
{
|
||||
private_eap_ttls_t *this;
|
||||
size_t frag_size;
|
||||
tls_t *tls;
|
||||
|
||||
INIT(this,
|
||||
.public = {
|
||||
|
@ -146,8 +147,13 @@ static eap_ttls_t *eap_ttls_create(identification_t *server,
|
|||
}
|
||||
frag_size = lib->settings->get_int(lib->settings,
|
||||
"charon.plugins.eap-ttls.fragment_size", MAX_FRAGMENT_LEN);
|
||||
this->tls_eap = tls_eap_create(EAP_TTLS, is_server, server, peer,
|
||||
application, frag_size);
|
||||
tls = tls_create(is_server, server, peer, TLS_PURPOSE_EAP_TTLS, application);
|
||||
if (!tls)
|
||||
{
|
||||
free(this);
|
||||
return NULL;
|
||||
}
|
||||
this->tls_eap = tls_eap_create(EAP_TTLS, tls, frag_size);
|
||||
if (!this->tls_eap)
|
||||
{
|
||||
application->destroy(application);
|
||||
|
|
|
@ -98,6 +98,8 @@ enum tls_purpose_t {
|
|||
TLS_PURPOSE_EAP_TTLS,
|
||||
/** non-EAP TLS */
|
||||
TLS_PURPOSE_GENERIC,
|
||||
/** EAP binding for TNC */
|
||||
TLS_PURPOSE_EAP_TNC
|
||||
};
|
||||
|
||||
/**
|
||||
|
|
|
@ -71,6 +71,9 @@ typedef enum {
|
|||
EAP_TTLS_VERSION = (0x07),
|
||||
} eap_tls_flags_t;
|
||||
|
||||
#define EAP_TTLS_SUPPORTED_VERSION 0
|
||||
#define EAP_TNC_SUPPORTED_VERSION 1
|
||||
|
||||
/**
|
||||
* EAP-TLS/TTLS packet format
|
||||
*/
|
||||
|
@ -92,6 +95,17 @@ METHOD(tls_eap_t, initiate, status_t,
|
|||
.code = EAP_REQUEST,
|
||||
.flags = EAP_TLS_START,
|
||||
};
|
||||
switch (this->type)
|
||||
{
|
||||
case EAP_TTLS:
|
||||
pkt.flags |= EAP_TTLS_SUPPORTED_VERSION;
|
||||
break;
|
||||
case EAP_TNC:
|
||||
pkt.flags |= EAP_TNC_SUPPORTED_VERSION;
|
||||
break;
|
||||
default:
|
||||
break;
|
||||
}
|
||||
htoun16(&pkt.length, sizeof(eap_tls_packet_t));
|
||||
do
|
||||
{ /* start with non-zero random identifier */
|
||||
|
@ -154,9 +168,21 @@ static status_t build_pkt(private_tls_eap_t *this,
|
|||
pkt->type = this->type;
|
||||
pkt->flags = 0;
|
||||
|
||||
switch (this->type)
|
||||
{
|
||||
case EAP_TTLS:
|
||||
pkt->flags |= EAP_TTLS_SUPPORTED_VERSION;
|
||||
break;
|
||||
case EAP_TNC:
|
||||
pkt->flags |= EAP_TNC_SUPPORTED_VERSION;
|
||||
break;
|
||||
default:
|
||||
break;
|
||||
}
|
||||
|
||||
if (this->first_fragment)
|
||||
{
|
||||
pkt->flags = EAP_TLS_LENGTH;
|
||||
pkt->flags |= EAP_TLS_LENGTH;
|
||||
len = sizeof(buf) - sizeof(eap_tls_packet_t) - sizeof(u_int32_t);
|
||||
status = this->tls->build(this->tls, buf + sizeof(eap_tls_packet_t) +
|
||||
sizeof(u_int32_t), &len, &reclen);
|
||||
|
@ -235,9 +261,9 @@ METHOD(tls_eap_t, process, status_t,
|
|||
}
|
||||
if (pkt->flags & EAP_TLS_START)
|
||||
{
|
||||
if (this->type == EAP_TTLS)
|
||||
if (this->type == EAP_TTLS || this->type == EAP_TNC)
|
||||
{
|
||||
DBG1(DBG_TLS, "EAP-TTLS version is v%u",
|
||||
DBG1(DBG_TLS, "%N version is v%u", eap_type_names, this->type,
|
||||
pkt->flags & EAP_TTLS_VERSION);
|
||||
}
|
||||
}
|
||||
|
@ -295,24 +321,9 @@ METHOD(tls_eap_t, destroy, void,
|
|||
/**
|
||||
* See header
|
||||
*/
|
||||
tls_eap_t *tls_eap_create(eap_type_t type, bool is_server,
|
||||
identification_t *server, identification_t *peer,
|
||||
tls_application_t *application, size_t frag_size)
|
||||
tls_eap_t *tls_eap_create(eap_type_t type, tls_t *tls, size_t frag_size)
|
||||
{
|
||||
private_tls_eap_t *this;
|
||||
tls_purpose_t purpose;
|
||||
|
||||
switch (type)
|
||||
{
|
||||
case EAP_TLS:
|
||||
purpose = TLS_PURPOSE_EAP_TLS;
|
||||
break;
|
||||
case EAP_TTLS:
|
||||
purpose = TLS_PURPOSE_EAP_TTLS;
|
||||
break;
|
||||
default:
|
||||
return NULL;
|
||||
};
|
||||
|
||||
INIT(this,
|
||||
.public = {
|
||||
|
@ -322,15 +333,11 @@ tls_eap_t *tls_eap_create(eap_type_t type, bool is_server,
|
|||
.destroy = _destroy,
|
||||
},
|
||||
.type = type,
|
||||
.is_server = is_server,
|
||||
.is_server = tls->is_server(tls),
|
||||
.first_fragment = TRUE,
|
||||
.frag_size = frag_size,
|
||||
.tls = tls_create(is_server, server, peer, purpose, application),
|
||||
.tls = tls,
|
||||
);
|
||||
if (!this->tls)
|
||||
{
|
||||
free(this);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
return &this->public;
|
||||
}
|
||||
|
|
|
@ -25,7 +25,7 @@ typedef struct tls_eap_t tls_eap_t;
|
|||
|
||||
#include <eap/eap.h>
|
||||
|
||||
#include "tls_application.h"
|
||||
#include "tls.h"
|
||||
|
||||
/**
|
||||
* TLS over EAP helper, as used by EAP-TLS and EAP-TTLS.
|
||||
|
@ -33,7 +33,7 @@ typedef struct tls_eap_t tls_eap_t;
|
|||
struct tls_eap_t {
|
||||
|
||||
/**
|
||||
* Initiate TLS over EAP exchange (as client).
|
||||
* Initiate TLS/TTLS/TNC over EAP exchange (as client).
|
||||
*
|
||||
* @param out allocated EAP packet data to send
|
||||
* @return
|
||||
|
@ -43,7 +43,7 @@ struct tls_eap_t {
|
|||
status_t (*initiate)(tls_eap_t *this, chunk_t *out);
|
||||
|
||||
/**
|
||||
* Process a received EAP-TLS/TTLS packet, create response.
|
||||
* Process a received EAP-TLS/TTLS/TNC packet, create response.
|
||||
*
|
||||
* @param in EAP packet data to process
|
||||
* @param out allocated EAP packet data to send
|
||||
|
@ -71,14 +71,9 @@ struct tls_eap_t {
|
|||
* Create a tls_eap instance.
|
||||
*
|
||||
* @param type EAP type, EAP-TLS or EAP-TTLS
|
||||
* @param is_server role
|
||||
* @param server server identity
|
||||
* @param peer peer identity, NULL to omit peer authentication
|
||||
* @param application TLS application layer, if any
|
||||
* @param tls TLS implementation
|
||||
* @param frag_size maximum size of a TLS fragment we send
|
||||
*/
|
||||
tls_eap_t *tls_eap_create(eap_type_t type, bool is_server,
|
||||
identification_t *server, identification_t *peer,
|
||||
tls_application_t *application, size_t frag_size);
|
||||
tls_eap_t *tls_eap_create(eap_type_t type, tls_t *tls, size_t frag_size);
|
||||
|
||||
#endif /** TLS_EAP_H_ @}*/
|
||||
|
|
Loading…
Reference in New Issue